SEPARATION OF COPY PROTECTION RULES FOR
DIGITAL RIGHTS MANAGEMENT 



Field of the Invention

[0001] This invention relates to digital rights management (DRM), and more particularly to 
methods and systems for providing copy protection of digital content within an 
authorized domain. Such a domain can comprise, for example, a home network that is 
licensed to play content such as movies, games, music and the like on various different 
entertainment appliances coupled to the network. 

Background of the Invention 

[0002] Providers of digital content, such as music on compact discs (CD) and movies on
digital versatile discs (DVD) often desire protection from unauthorized copying of the
content. Such content can also be streamed to users via networks such as cable and 
satellite television plants, as well as over the Internet. Existing copy protection rules, 
such as those defined by the Society of Motion Picture and Television Engineers 
(SMPTE), generally do not take into account the existence of authorized domains, 
where devices (televisions, DVD players, game consoles, personal computers, and the 
like) owned by a single authorized user can securely exchange content. 

[0003] Known copy protection standards include states such as "Copy One Generation", 
"Copy No More", and "Copy Free." Such states make sense when content is 
communicated over an external unprotected interface or stored on media such as a CD 
or DVD. However, these standards can make it very difficult for an authorized (e.g.,
licensed) user to use the content on different devices on that user's authorized domain
(e.g. home network).

[0004] It would be advantageous to provide copy protection systems and methods that
maintain an adequate level of protection for content and service providers, while 
allowing the content to be easily copied or moved within a protected authorized 
domain. It would be further advantageous for such systems and methods to maintain 
compatibility with traditional copy protection solutions (e.g., CGMS - "Copy 
Generation Management System"). This would allow external devices, such as digital 
televisions or computer monitors, to continue to display the content in accordance with 
the traditional copy protection rules. 

[0005] It would be still further advantageous to allow content users to legally share content 
over protected interfaces (e.g., on-line or removable media). As it is rarely acceptable 
to allow a user to share pay content with everyone, it would also be advantageous to 
enable a list of authorized domains to be specified for the sharing of content. 

[0006] The present invention provides systems and methods for implementing digital rights 
management having the aforementioned and other advantages. 

SUMMARY OF THE INVENTION

[0007] In accordance with one aspect of the invention, a method is provided for managing
rights to content within an authorized domain. In a single authorized domain, where a
plurality of domain interfaces are protected using a common rights management
system, the method specifies if a copy of particular content is allowed to be provided 
on all devices or only on specific devices coupled to the domain via the interfaces. 
Copy protection information, with separately defined rules for outputs to external 
devices not protected by the common rights management system, is also specified. 

[0008] Such a method may also specify whether particular content may be copied or moved 
to another domain protected by a rights management system. A number of rendering 
devices permitted to render the content simultaneously may also be specified.

[0010] Another aspect of the invention provides a ruleset for use in managing rights to
content within an authorized domain. The ruleset can include, for example, rules
defining capabilities of devices associated with the domain, rules defining persistent
entitlements, and copy protection rules. 

[0011] Rules defining capabilities of devices associated with the domain can include, for
example, one or more of a device security level, a designation of whether a device 
supports secure time, a designation of codecs associated with a device, a designation 
of watermarks a device can check, and a designation of fingerprints a device can 
provide. 

[0012] Rules defining persistent entitlements can include, for example, rules for forwarding
content on legacy analog, digital compressed and digital uncompressed interfaces, for
peer-to-peer content sharing, content playback controls, limit on the number of
simultaneous devices rendering the content, fingerprint algorithms and required device
capabilities to render the content. Copy protection rules can include, for example,
legacy device rules for restricting copies over at least one of an analog, compressed
digital or uncompressed digital interface. Copy protection rules can also include rules
for non-persistent content to be displayed within the authorized domain.

[0013] In another aspect, the invention provides a system for distributing content to end users.
A network is used for the delivery of licensed content to a home network. The home
network can be an authorized domain where a plurality of domain interfaces are
protected using a common rights management system. Licensed content is associated
with rights data specifying whether the content is allowed to be provided on all
devices or only specific devices coupled to the domain via the interfaces. Copy
protection information is provided for outputs from the home network to external
devices not protected by the common rights.

[0014] An additional network can be coupled to the home network for receiving the licensed
content. In such an embodiment, the additional network can also be an authorized
domain, where all interfaces thereto are protected using the common rights
management system.

BRIEF DESCRIPTION OF THE DRAWINGS

[0015] For a further understanding of the present invention, reference will be made to
the accompanying drawings, wherein:
[0016] FIG. 1 is an example screen shot showing a session rights element;
[0017] FIG. 2 is an example screen shot showing a rule element;
[0018] FIG. 3 is an example screen shot showing a purchase option element;
[0019] FIG. 4 is an example screen shot showing a subscription element;
[0020] FIG. 5 is an example screen shot showing a blackout element;
[0021] FIG. 6 is an example screen shot showing a generic rating element;
[0022] FIG. 7 is an example screen shot showing a selection element;
[0023] FIG. 8 is an example screen shot showing a user authorization element;
[0024] FIG. 9 is an example screen shot showing a persistent entitlements element;
[0025] FIG. 10 is an example screen shot showing a rule set element;
[0026] FIG. 11 is an example screen shot showing a redistribution element;
[0027] FIG. 12 is an example screen shot showing a playback element;
[0028] FIG. 13 is an example screen shot showing an option cost element;
[0029] FIG. 14 is an example screen shot showing a copy protection rules element; and
[0030] FIG. 15 is a block diagram of an example network implementation of the invention.

DETAILED DESCRIPTION OF THE INVENTION

[0031] […] (IP) networks brings a need for secure deliv[…] Digital Rights Management
(DRM), can be viewed as a general-[…] access technology.

These XML documents need to be processed […] IPRM clients) as well as […] deliver content
to viewers (viewers comprise one […] by the IPRM clients that need to follow copy
protection rules for the […] being rendered and/or persistently stored […]

[…] and partially describes the […] application profile or restricted form of […]
Generalized Markup Language (ISO 8879). By construction, XML docume[…] SGML documents.

[…] document's storage layout and logical structure. XML provide[…] impose constraints on
the storage layout and logical structure.



[0035] A software module called an XML processor is used to read XML documents and
provide access to their content and structure. It is assumed that an XML processor is
doing its work on behalf of another module, called the application.

[0036] The following acronyms are used herein:

API Application Programming Interface
ASN.1 Abstract Syntax Notation One
CA Conditional Access or Certificate Authority
CGMS Copy Generation Management System. This may be an analog system (CGMS-A) or a digital system (CGMS-D)
DRM Digital Rights Management
ECM Entitlement Control Message
EMM
IP Internet Protocol
IPPV Instant Pay-Per-View
IPRL Internet Protocol Rights Language
IPRM Internet Protocol Rights Management
KDC Key Distribution Center
OCS Origin Content Server
PKI Public Key Infrastructure
PBQ Pay-By-Quality
PBT Pay-By-Time
PPV Pay-Per-View
SRO Session Rights Object



BCS03156 



SSL Secure Sockets Layer
TCP Transmission Control Protocol
UDP User Datagram Protocol
URI Uniform Resource Identifier
URL Uniform Resource Locator
VOD Video On Demand
XML Extensible Markup Language

[0037] The following terms are used herein:

[0038] Content Provider - An entity that creates, licenses, aggregates and/or distributes
[…] the purchase at the content provider's web portal. Otherwise, user selection is
made by the Confirmation Server.

[0039] Cache Server - An intermediate entity that stores and redistributes content to
consumers and optionally to other cache servers. Besides streaming content to
viewers, it also enforces the content access rules against the user selection and user
entitlements.

[0040] Confirmation Server - An application facilitating the creation of a session rights
object.

[0041] Consumer - An entity such as an end-user that consumes content obtained from a
Cache Server and optionally, if permitted by the copyright holder, redistributes […]
to other consumers in the system. The user is given a set of entitlements by the
Provisioning Center that are used to determine the satisfaction of content access rules.
When a user makes a purchase of specific content, the user's selection is included in
the Session Rights object.

[0042] Entitlements - A set of authorization attributes that allow users to access content.

[0043] Provisioning Center - An application that registers a new consumer (e.g. Viewer) with
the network, provisions it with the Key Distribution Center (KDC) and creates a set of
entitlements for the new user.

[0044] Session Rights Object - A signed version of content access rules for a given piece of
content and specific user's purchase option selection.

[0045] Ticket - A token of trust issued to a viewer by the KDC in order to access content at a
particular caching server. It also includes the user's entitlements.

[0046] Viewer - A consumer of video content.

[0047] A main purpose of the disclosed IPRM system is to provide digital rights management
functions such as authentication, privacy, security, integrity and access control tools to
any multimedia streaming network based on IP protocols. The system supports point-
to-point (VOD) and multicast delivery of content. Additional features relate to
persistent (i.e., stored) content rights management, such as copy protection.

[0048] The system can be based purely on software protection, with a limited trust placed
upon the clients. However, other implementations are possible, including those in
which a hardware security module is provided. Such a hardware security module may
be optional. Alternatively, hardware security may be mandatory to obtain rights to
high quality content from copyright owners requiring high security levels.

[0049] A Session Rights XML document can be generated by a content provider or any other
entity (e.g. a Confirmation Server) that provides final interaction with the end-user.
The content of the Session Rights document may be encoded in a Session Rights
Object. A Rights element is the root element of the Session Rights document. It is a
sequence of Content and Selection elements, which are required, and Provider and
Rule elements, which are optional.

[0050] An authorization XML document can be maintained by the Provisioning Server and
included in each ticket given to a Viewer by the KDC. A Rights Manager module on 
the Caching Server can be provided to evaluate the rules and user selection against the 
authorization data in the ticket to allow or disallow access to the specified content. 

[0051] Each XML document may consist of a root element and a set of nested elements. 

[0052] Figure 1 is a computer screen shot illustrating one possible implementation of a 
session rights element 10. Content element 12, which is part of the session rights 
element 10, uniquely identifies the content associated with this set of session rights. A 
"format" attribute can be provided as part of the content element to indicate the format 
in which the content identification is specified (e.g. URL, ISBN, etc.). URL, for 
example, can be the default. An "id" attribute can be used to specify the unique 
content identifier. A 'protected' attribute may be provided to indicate whether the 
associated content is encrypted (e.g., during the pre-encryption phase and/or when it is 
delivered to a consumer). This attribute can, for example, be set to 'Y' as a default 
option, indicating that the content is encrypted both during pre-encryption and when
delivered. Otherwise, the associated content is unprotected. 

[0053] A provider element 14 can optionally specify a ProviderID ("pid" attribute) and the
provider name as a text string. 

[0054] The rule element 16 specifies a set of rules for the content specified by the content 
element 12. An "extern" attribute can be provided for the rule element 16 to specify 
whether the rules are defined in this document (e.g., value "false") or in an external 
document (e.g., value "true"). The default value can be, for example, "false." The 
rules do not change often and can be cached, for instance at a Caching Server, where 
the user can retrieve protected content. In order to minimize bandwidth overhead, the 
"extern" attribute may be set to "true" when the rules are being cached. Such an 
implementation will significantly reduce the size of each Session Rights Object
(SRO). 

[0055] A selection element 18 specifies a purchase selection made by a user, on whose behalf
this Session Rights document is presented. An "optionID" attribute can be provided
for the selection element 18 to identify a particular PurchaseOption defined within the
Rule element that was selected by the user. Each option may be associated with
different copy protection rules for persistent or non-persistent content. An "extern"
attribute may also be provided for the selection element 18, to specify whether the
selection is defined in this document (e.g., value "false") or in an external document
(e.g., value "true"). The default value may, for example, be "false." A "deviceBound"
attribute may also be provided for the selection element 18. If, for example, this
attribute is set to 'Y', the content will not be shared outside the access device. If it is
set to 'N', then the content will be shared across the user's authorized domain. If this
attribute is not specified within the selection element 18, the system can be
implemented to check the same "deviceBound" attribute inside the persistent
entitlements to find out whether or not to share particular content across the authorized
domain. The deviceBound attribute affects how blackout verification is performed.
For example, if the content is not shared outside the access device, then the blackout
check may only apply to the locations (listed inside Authorization Data) that have an
"AccessPoint" attribute set to "Y." Otherwise, all locations listed in the Authorization
Data will need to be checked. The value of this attribute must be consistent with the
persistent entitlements that are associated with the user selection.

[0056] The rule element 16 is illustrated in greater detail in Figure 2. This element specifies
all access rules associated with the specified content. It is a choice of one or more of
the available rules. If the rule element is not specified, it may be assumed that the
content is:

• free;
• not blacked out anywhere;
• has no rating associated with it;
• not available for subscription; and
• no particular level of security is required to access it.

[0057] In one possible implementation, in order to get access to such content, a purchase
element in the user Selection must be set to FREE.

[…] content, while other options may allow the user to save a copy of the content with
varying DRM rules.

[0058] The "optionID" of the Selection element 18 (Figure 1) specifies the ID of the
PurchaseOption that was selected by the user. Typically, if an Origin Server generated a
full set of Session Rights with both rules and user selection, there would only be one
PurchaseOption element included in the rule, which is the one selected by the user.
[…] in conserving bandwidth. But if the Origin Server generates only the user selection
while rules are cached on a Caching Server, […] all PurchaseOption elements associ[…]
[…]Option element is described in greater detail below, […] Figure 3.

[0059] A Blackout element 22 prov[…] specified by a list of country […]
document described hereinafter.

[…] with Figure 7.

[0062] […] by the streaming server.

DeviceCapabilities element 28 specifies the […]

For content rendering, one or more of the following attributes can be provided:

• securityLevelToRender attribute, which specifies the minimum security level of
the content rendering device.
• codecInSecureHW attribute, which is a flag that when provided at a specified
state (e.g., true ('Y')) requires a rendering device to decompress content inside
secure hardware.
• watermarkInSecureHW attribute, which is a flag that, e.g., when true ('Y'),
requires a rendering device to perform watermark detection inside secure
hardware.
• FingerprintInSecureHW attribute, which is a flag that, e.g., when true ('Y')
requires a rendering device to insert a fingerprint inside secure hardware.

For copying, the following attribute can be provided:

• SecurityLevelToCopy attribute, which is the minimum security level of the
destination device that is getting a persistent copy of the content. This rule will
be evaluated against the SecurityLevel attribute of the client ticket.

[0063] As indicated in Figure 2, one or more PurchaseOption elements are included in the
Rule element. A PurchaseOption element is illustrated in greater detail in Figure 3.
One element of the PurchaseOption element is a GenericRights element 30. This
element has no type when directly present and indicates that the actual
rules or rights associated with persistent content are specified in a different XML
document. The GenericRights element is also a substitution group in which the
substitution elements can comprise:

• CopyProtectionRules - defines copy protection rules associated with content
which is not saved persistently, but could be forwarded to various digital and
analog outputs. This element is defined in a separate XML schema discussed […]
• PersistentEntitlements - content usage rules associated with a persis[…]
[…]. The presence of this element […] the content […]
downloaded or recorded by a client device […]
element is defined in a separate XML schema discussed hereinafter.

[…] acronym defined by ISO 4217. US dollar can, for example, be the default val[…]
[…]" attribute can be […] available on subscription basis only.

If the Cost element is not specified, the content is […] available for subscription. If
the Subscription element (discussed […]) is not specified either, the content is assumed
to be free of cost.

[…] a pay-per-view purchase mechanism. The "price" attribute can specify […] accessing
this content.

A PBT element can be used to provide a […] increments. An "increment" attribute can be
provided to specif[…] (minutes) that the price […] is associated with. For instance, […]

[0068] […] the Authorization Data document (Figure 8) in […] which represents the user's
ability to pay for content.

[…] of the PurchaseOption (in columns) and user Selection (in rows). When a particu[…]
must be present and […] The value DENIED means that access will […] addition, the
rightmost column shows the required value of the Pay […] user authorization.

Table 1 - Rule Matching

[…]

PurchaseOption 20 must contain one or m[…] Sub[…] least one matching SubscriptionGroup
[…]wise, the value […]

[0070] SubscriptionGroup 34 includes the following two elements:

• aSubscription - this element (36) specifies a list of services on which this piece of
content is available for subscription, and is described in more detail in connection
with Figure 4. Evaluation will be made against the list of aSubscription elements
in the Authorization Data document (Figure 8) if the user selects the "SUBSCR"
purchase option. If the user has at least one of the provider/service pairs in his
entitlements, he will be granted access to the service (assuming that other rules,
such as blackout and rating, are satisfied as well).
• IncrementalCost - this is an optional element (38) associated with a particular
aSubscription element and indicates that there is still an amount that needs to be
paid when the content is obtained through a subscription to one of the specified
services. The "currency" and "format" attributes are the same as the "currency"
and "format" attributes for the Cost element 32 of the PurchaseOption 20
described above. The "price" attribute specifies the (possibly reduced) cost for
the content when it is obtained through this subscription.

[0071] The aSubscription element specifies a list of services on which a piece of content is
available for subscription, as illustrated in Figure 4. Because there are multiple
methods for identifying service provider and services, aSubscription is an abstract
placeholder for a specific subscription element. The substitution elements for
aSubscription are:

• SubscriptionID (40) - a list of two-byte unsigned integers representing service
identifiers. This element also has an optional "provider" attribute that is a
two-byte unsigned integer that identifies a provider. The reason the provider attribute
is optional is because in some cases, service identifiers may be globally unique
and may already imply a specific service provider.
• SubscriptionName (42) - a list of service names separated, e.g., by white space.
In such an embodiment, each name may not itself contain white space. This […]
no white space characters). In the case where service names are globally […]
already imply a specific provider, the provider attribute may be omitted.
• Subscrip[…] (44) - a list of […] provider and service […]
(two bytes for provider, two bytes for service).

[…] scope of the present invention.

[…]ute. The "restriction" attribute specifies whether the content is blacked out (i.e.
disallowed) inside the specified geographic area (e.g., value IN) or outside of the area
(e.g., value OUT). A "buyThru" attribute specifies whether the content can be
purchased when the user would otherwise be blacked out. This is useful for content
distributed on a subscription basis.

Each element of the Blackout sequence is a substitution […] accommodate different types
of location codes. The element aLocation […] is an abstract placeholder for a specific
location element. The substitution elements for aLocation are:

• Country (52) - a list of tokens separated by white space where each
token identifies a country as a two-character country code defined by
"ISO3166" (the default value of the "format" attribute - other formats
may be supported in the future).
• DVDRegion (54) - location specified by a list of DVD region codes
separated by white space. The possible region codes are:
    • 1 = U.S., Canada, U.S. Territories
    • 2 = Japan, Europe, South Africa, and Middle East (including Egypt)
    • 3 = Southeast Asia and East Asia (including Hong Kong)
    • 4 = Australia, New Zealand, Pacific Islands, Central America, Mexico,
      South America and the Caribbean
    • 5 = Eastern Europe (Former Soviet Union), Indian subcontinent,
      Africa, North Korea and Mongolia
    • 6 = Peoples Republic of China
    • 7 = Reserved
    • 8 = Special international venues (airplanes, cruise ships, etc.)
• PostalCode (56) - a list of tokens separated by white space, where each
token is a postal code location (e.g. ZIP code in US). It has an optional
Boolean attribute "long" that specifies if the postal code is expressed in
long form (e.g., 9-digit US ZIP code instead of a 5-digit one). If this
attribute is not present, the short form is assumed. An optional "country"
attribute specifies a country within which the postal codes are located. If
the country is not specified, US is assumed. There is also an
accompanying optional "format" attribute that specifies the type of the
country code used in the value of the "country" attribute. The default
value for "format" is "ISO3166".

[0075] The GenericRating element 24 specifies a content rating, as illustrated in Figure 6.
The GenericRating element is of type NMTOKEN and has the following possible values:
LEVEL0, LEVEL1, LEVEL2, LEVEL3, LEVEL4, LEVEL5. GenericRating may be
used as a custom content rating scale where the meaning of each level is the same in
both the Session Rights and in the Authorization Data XML documents. Because there
are multiple rating scales, GenericRating is also a substitution group. The substitution
elements for GenericRating are:

• DVBRating (60) - a positive integer between 3 and 18 that represents a
minimum allowable age of the Viewer.
• MPAARating (62) - a string with no white space that represents one of
the MPAA rating levels.
• TVRating (64) - a string with no white space that represents one of the
North American TV rating levels.

[…] check passes as well. […] elements:

• […] element (70) - specifies the purchase option the user has
selected in order to obtain access to the content. The following values are
defined:
    • FREE - the content is free
    • SUBSCR - the user has a subscription to the service
    • ONE-TIME-PAY - the user selected the option to buy the content
      based on a single payment (no subscription)
    • PBT - the user selected the option to buy the content on pay-by-time
      basis
• Override element (72) - specifies whether the user has overridden his
rating ceiling when he ordered the content (e.g. provided a password or
PIN code to the purchase or confirmation server). The value of this
element specifies what rule was overridden, meaning that the rule is not
going to be enforced. RATING is an example of a value that can be
supported.

[0078] The Authorization element 80 of Figure 8 is the root element of the User
Authorization Data document. It can include a sequence of several optional elements.
These are purchasing capability (Pay element), user location (Country element), user
subscription (Subscr and SubscrList elements), content rating ceiling (Rating element)
and an element of […].

[0079] The Authorization element has several attributes:

• principal - a unique identifier of an end-user client who is requesting the
specified content. This attribute is required so that it can be used for
billing purposes, for instance.
• operator - an optional attribute identifying the network provider (MSO,
ISP, etc.) of the end-user identified by the principal name above.

[0080] The Authorization element is also a sequence of the following elements:

• Pay element 82 specifies a user's ability to pay for content. The following
values for the "type" attribute are defined:
    • Individual - User is allowed to pay for individual content (e.g.
      PPV or PBT)
• LocationGroup 84 - includes aLocation element 50 that specifies
the location of the user, which enables, e.g., an evaluation of
blackout rules. This is an abstract placeholder for elements that
identify a specific type of location (such as country or zip code). A
detailed description of this element is provided above in the
discussion of Figure 5 (where aLocation is described as a
component of the Blackout element). There is also an optional
AccessPoint element 88 that, for example, when true ('Y'),
indicates that this is the location of an access point that initially
obtains the content after the content purchase. In such an
embodiment, if this element is false ('N'), then this is the location
of a segment of the user's personal network and applies when the
user purchased content with the rights to keep a persistent copy
and render it on any device within the user's personal network.
The default value can be 'Y', for example. When checking if a
blackout applies to a user for view-only content, only
LocationGroups with AccessPoint set to true (or not present) need
to be checked. On the other hand, for content that is to be saved
persistently and shared within the user's personal network, all
LocationGroups need to be checked. If no LocationGroup is
provided, the blackout rules are evaluated as if the user were
located everywhere. This means that the user will always be
blacked out if blackout rules are specified.
• aSubscription element 36 specifies a service or a list of
subscription services provided by a given service provider. It is an
abstract substitution element that allows for the services and
service providers to be identified using different conventions. A
detailed description of the element is found in the discussion of
Figure 4, above.
• GenericRating element 24 specifies the user-selected content
rating ceiling, i.e. the highest level of rating allowed for a given
rating dimension. This is an abstract substitution element that
allows different rating methods to be used. Authorization for the
same user can have multiple GenericRating elements in order to
convey the rating ceilings for multiple content rating methods. For a
detailed description of this element, see the discussion of Figure 6.
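
The blackout check described for LocationGroup, combined with the deviceBound fallback described for the Selection element, as an added Python example (not code from the patent). Element and attribute names are the text's; the document nesting, an optionID attribute on PurchaseOption, reading "consistent" as "equal", and failing closed on an unknown restriction value or an empty filtered location list are assumptions. Rules are assumed to be inline (extern not set).

```python
import xml.etree.ElementTree as ET

# Constructed sample documents. Names follow the text; the nesting is a
# simplified assumption, not the patent's actual schema.
SESSION_RIGHTS = """<Rights>
  <Content format="URL" id="rtsp://cache.example.invalid/movie42"/>
  <Rule>
    <Blackout restriction="IN"><Country>US CA</Country></Blackout>
    <PurchaseOption optionID="1">
      <PersistentEntitlements deviceBound="N"/>
    </PurchaseOption>
  </Rule>
  <Selection optionID="1"/>
</Rights>"""

AUTHORIZATION = """<Authorization principal="viewer1">
  <LocationGroup><Country>DE</Country></LocationGroup>
  <LocationGroup><Country>US</Country><AccessPoint>N</AccessPoint></LocationGroup>
</Authorization>"""


def is_device_bound(rights):
    """True if content stays on the access device (deviceBound 'Y')."""
    sel = rights.find("Selection")
    if sel is None:
        raise ValueError("Selection is a required element")
    pe = None
    for opt in rights.iter("PurchaseOption"):
        if opt.get("optionID") == sel.get("optionID"):  # attribute name assumed
            pe = opt.find("PersistentEntitlements")
    sel_flag = sel.get("deviceBound")
    pe_flag = pe.get("deviceBound") if pe is not None else None
    # The Selection value must be consistent with the persistent entitlements
    # (assumption: consistent means equal when both are present).
    if sel_flag and pe_flag and sel_flag != pe_flag:
        raise ValueError("deviceBound conflicts with PersistentEntitlements")
    flag = sel_flag or pe_flag  # Selection first, then the fallback
    if flag is None:
        # Assumption: no persistent rights means view-only content; persistent
        # rights without the flag get the stricter all-locations check.
        return pe is None
    return flag == "Y"


def user_locations(auth, access_points_only):
    """Country tokens from the LocationGroups that have to be checked."""
    locations = []
    for group in auth.findall("LocationGroup"):
        # AccessPoint defaults to 'Y' when absent.
        is_ap = (group.findtext("AccessPoint") or "Y").strip().upper() == "Y"
        if access_points_only and not is_ap:
            continue
        locations.extend((group.findtext("Country") or "").split())
    return locations


def blacked_out(blackout, locations):
    """Apply one Blackout rule to every location that must be checked."""
    restriction = blackout.get("restriction")
    if restriction not in ("IN", "OUT"):
        return True  # assumption: unknown restriction value fails closed
    if not locations:
        # No LocationGroup: evaluate as if the user were located everywhere,
        # so any specified blackout applies. An empty filtered list is
        # treated the same way (assumption).
        return True
    area = set((blackout.findtext("Country") or "").split())
    for loc in locations:
        inside = loc in area
        if inside == (restriction == "IN"):
            return True  # one blacked-out location is enough (assumption)
    return False


def passes_blackout(rights_xml, auth_xml):
    """True if no Blackout rule in the Session Rights applies to the user."""
    rights = ET.fromstring(rights_xml)
    auth = ET.fromstring(auth_xml)
    blackouts = list(rights.iter("Blackout"))
    if not blackouts:
        return True  # no blackout rule: not blacked out anywhere
    locs = user_locations(auth, access_points_only=is_device_bound(rights))
    return not any(blacked_out(b, locs) for b in blackouts)
```

With the sample documents the shared-content case is denied because the non-access-point segment in US falls inside the blackout area, while the same user passes when the content is bound to the access device.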



[…] on a hard drive, CD, DVD, or the like for later playback. Such content […]
referred to as "persistent" because it is stored […]
PersistentEntitlements element 90 is the root element […]
the Session Rights as part of one of the PurchaseOption elements 20 discussed in
connection with Figure 3.

[0082] PersistentEntitlements contains the following attributes:

• Renewal - if, e.g., 'Y', this license may be renewed after it expires. In
other words, a request may be sent to a License Server to obtain a new
license for already stored content. The rules that would appear in a new
license after a renewal can be either taken from one of the renewal
options (see below) or a new set of rules can be obtained (inside an SRO)
from an Origin Server.
• […] - if, e.g., 'Y', the corresponding content may be
[…] associated with a […] a copy of the content can […]
taken from one of the renewal options (see below) or a new set of
rules can be obtained (inside an SRO) from an Origin Server.

^ ,^f tv>P following elements, shown m 
[0083] PersistentEntitlements 90 is also a sequence of the following elements, shown in
Figure 9:

• RuleSet element 92 - a set of content usage rules and restrictions
  associated with the content, explained in greater detail below in
  connection with Figure 10.
• RenewalOption elements 94 - when the Renewal attribute is set [...], each
  RenewalOption represents a possible [...] that would go into a new license
  after a renewal. A RenewalOption [...] includes a cost, e.g., an amount of
  money that would be charged to a consumer for renewing a content license
  with this option.

  The RuleSet element of the RenewalOption element 94 has the same type as
  the RuleSet element of the PersistentEntitlements (see Figure 10). [...]
  here the RuleSet represents incremental [...] the original set of rules.
  When a renewal option is selected, the resulting set of content
  rules/restrictions is obtained as follows:

    • [...] (base) RuleSet, copy it into the new PersistentEntitlements.
    • If a particular rule or restriction is found only in the RuleSet for
      the selected renewal option, copy it into the new
      PersistentEntitlements.
    • If a particular rule or restriction is found in both the base RuleSet
      and in the RuleSet for the renewal option, take the one in the
      renewal option.
    • If a particular rule or restriction is found in neither of the two rule
      sets, use a default value.

• The OptionCost element 96 of the RenewalOption contains both the cost
  for license renewal using this option and a cost of superdistribution using
  this option (that may be different from the renewal cost). A more detailed
  description of OptionCost is provided in connection with Figure 3.

• Copyright element 98 - provides copyright information associated with
  the content,
though it is not shown in Figure 10). 

element (for the exemplary embodiment) as described below. 
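
The renewal merge described above, as an added example that is not part of the original document. It assumes that a "rule" is one child element of RuleSet, that the first (partly illegible) case means a rule found only in the base RuleSet, and that defaults are the hypothetical fail-closed values shown; the sample XML is constructed.

```python
import copy
import xml.etree.ElementTree as ET

# Constructed sample: element and attribute names come from the text; the
# nesting, the values and the text form of MulticastLimit are assumptions.
SAMPLE = """
<PersistentEntitlements renewal="Y">
  <RuleSet>
    <AnalogOutput copyRestriction="NOCOPY"/>
    <Playback endDate="2005-01-31"><PlayBackCount>3</PlayBackCount></Playback>
    <Redistribution move="Y"/>
  </RuleSet>
  <RenewalOption>
    <RuleSet>
      <Playback endDate="2005-03-31"><PlayBackCount>10</PlayBackCount></Playback>
      <MulticastLimit>2</MulticastLimit>
    </RuleSet>
  </RenewalOption>
</PersistentEntitlements>
"""

# Hypothetical defaults for rules found in neither rule set. The text only says
# "use a default value"; these fail closed on the unprotected output paths.
DEFAULTS = {
    "AnalogOutput": '<AnalogOutput copyRestriction="NOCOPY"/>',
    "DigitalCompressedOutput": '<DigitalCompressedOutput copyRestriction="NOCOPY"/>',
    "DigitalUncompressedOutput": '<DigitalUncompressedOutput copyRestriction="NOCOPY"/>',
}


def group_by_tag(rule_set):
    """Map rule name -> list of elements (Fingerprint may occur several times)."""
    groups = {}
    for rule in rule_set:
        groups.setdefault(rule.tag, []).append(rule)
    return groups


def renewed_rule_set(entitlements, option_index):
    """Build the RuleSet of the license issued when a RenewalOption is chosen."""
    if entitlements.get("renewal") != "Y":
        raise PermissionError("license does not allow renewal")
    options = entitlements.findall("RenewalOption")
    if not 0 <= option_index < len(options):
        raise IndexError("no such RenewalOption")
    base = group_by_tag(entitlements.find("RuleSet"))
    delta = group_by_tag(options[option_index].find("RuleSet"))

    merged = ET.Element("RuleSet")
    for tag in dict.fromkeys([*base, *delta, *DEFAULTS]):
        if tag in delta:        # option only, or in both: the option's rule wins
            chosen = delta[tag]
        elif tag in base:       # base only: carried over unchanged
            chosen = base[tag]
        else:                   # in neither: fall back to the default
            chosen = [ET.fromstring(DEFAULTS[tag])]
        # Deep copies keep the stored license untouched by later edits.
        merged.extend([copy.deepcopy(rule) for rule in chosen])
    return merged


if __name__ == "__main__":
    ET.dump(renewed_rule_set(ET.fromstring(SAMPLE), 0))
```
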



[0085]

[0086] The AnalogOutput element 100 restricts copies over an analog interface. It can also
define analog proprietary system (APS) parameters, where APS is a mechanism to
prevent analog copies of a video signal and would normally be used when the
copyRestriction attribute defined below is set, e.g., to NOCOPY (i.e., analog copies
are not allowed). An example of an APS is the well known Macrovision [...]. At
the present time, within most commercially available devices, no such equivalent
exists for analog audio. Therefore, in most cases when copyRestriction for analog is
set to NOCOPY for an audio-only (e.g., music) content, analog output has to be
completely disabled.

[0087] The AnalogOutput element 100 consists of the following attributes which apply
specifically to analog output:

• copyRestriction - an enumeration type that specifies a copy protection
  state associated with analog interfaces. The IPRM system must ignore
  (but still preserve) this attribute except in the case when it is exporting
  content over an analog interface. In that case, the IPRM system must
  translate this copy protection state to whatever means are available on the
  particular analog interface (e.g., Copy Generation Management System
  (CGMS-A), Macrovision, etc.). This attribute can have one of the
  following values:

    • UNLIMITED - no limitation on the number of copies of the
      content that is received over an analog interface.
    • NOCOPY - copying of the content received over an analog
      interface is not permitted. In practice, this means that when
      content is transmitted over an analog interface, copy protection
      (e.g., Macrovision) must be turned on. Some analog video
      interfaces also support CGMS-A copy protection bits inside VBI.
    • NOMORE - no more copies of the content may be made over an
      analog interface. One way that IPRM-controlled content could
      get this setting is when (i) the content is imported into the IPRM
      system over an analog interface, which carries CGMS-A copy
      protection bits over VBI, and (ii) the CGMS-A relayed over the
      analog interface was set to ONEGENERATION. Under such
      circumstances, when the IPRM system imports this content, it is
      obligated to transition the copy protection state from
      ONEGENERATION to NOMORE.
    • ONEGENERATION - a copy of the content received over an
      analog interface may be made. When that copy is made, the copy
      protection state on an external storage device must be set to
      NOMORE. (The copy protection state kept by the IPRM-protected
      copy of the content remains unchanged.) It may be
      possible to relay this copy protection state over some analog
      interfaces using CGMS-A over VBI.

• numberOfCopies - this attribute is applicable only when the copyRestriction
  attribute is set to ONEGENERATION. In that case, this attribute
  specifies how many ONEGENERATION copies of the content may be
  made over an analog interface. A value of zero, for example, can mean
  that there is no limit on the number of ONEGENERATION copies made.

• componentOutput - a Boolean flag. When set, e.g., to [...], it is OK to
  transmit this content over a component analog output.
• outputAllowed - a Boolean flag. When set, e.g., to 'N', analog output of
  any type for this content is disabled. (Component output does not apply
  to audio-only content, in which case this attribute may be used instead.)
• [...]SyncPulse - a Boolean flag. When set, e.g., to 'Y', the copy
  protection (e.g., Macrovision) must utilize a pseudo sync pulse.
• splitBurst - an enumeration type that can have the following
  values:

    • N - split color burst not utilized by Macrovision
    • 2 - use 2-line split color burst for Macrovision
    • 4 - use 4-line split color burst for Macrovision

• cons[...] - limits a video image resolution on [...].
  When set, e.g., to 0, there is no restriction on resolution. When set to the
  [...] (e.g., [...]), an application generating an analog output [...]
  decide how to restrict the video image resolution. Otherwise, this
  attribute specifies a limit on a number of pixels per frame (e.g.,
  a constrained video image is limited to 520,000 pixels per frame).
• constrainedAudio - limits audio bit rate on an analog output. When set,
  e.g., to 0 there is no restriction on audio bit rate. When set to the
  [...] state (e.g., 1), an application generating an analog output [...]
  decide how to restrict the audio bit rate. Otherwise, this attribute
  specifies a limit on the bit rate in KBits/sec for analog audio output
  [...] to be converted to stereo with only two channels).






[0088] The DigitalCompressedOutput element 101 restricts copies over an external digital
compressed interface that is not protected with IPRM. An example of such an
interface would be IEEE-1394 (Firewire bus). However, [...]
running on top of IEEE-1394 and IPRM is used to protect content [...],
this element would be ignored.

[0089] DigitalCompressedOutput consists of the following attributes:

• copyRestriction - an enumeration type that restricts the number of copies
  of the content that may be made over an external digital compressed
  interface. The values of this attribute are defined above in the discussion
  of the AnalogOutput element 100. This attribute does not apply (but must
  be preserved) when content is exchanged between devices in the same
  authorized domain using IPRM security. When content is transferred
  over an external digital compressed interface, this copy protection state
  must be translated (e.g., to CGMS-D) and sent over the specific digital
  compressed interface.
• outputAllowed - when this Boolean flag is set, e.g., to N, digital
  compressed content must not be sent over external interfaces even when
  they are encrypted using a non-IPRM copy protection technology (e.g.,
  [...]). This flag applies when content is sent with an intent to copy as well
  as when the content is sent with an intent to render-only.

[...] "DVI") that is not protected with IPRM.

[...] attributes:

• [...] of the content received over an external digital uncompressed interface.
  The values of this attribute are defined above in the discussion of the
  AnalogOutput element 100. This attribute does not apply (but must be
  preserved) when content is exchanged between devices in the same
  authorized domain using IPRM security. When content is transferred
  over an external digital uncompressed interface, this copy protection state
  must be translated (e.g., to CGMS-D) and sent over the specific digital
  uncompressed interface.
• outputAllowed - when this Boolean flag is set, e.g., to "N", digital
  uncompressed content must not be sent over external interfaces even
  when they are encrypted (e.g., with High-bandwidth Digital Content
  Protection (HDCP)). This flag applies when content is sent with an intent
  to copy as well as when the content is sent with an intent to render-only.

The Redistribution element 103 defines rules for retransmission of the content
outside the current authorized domain. Note that this element does not apply to
[...] multiple authorized domains without an additional cost.

The Redistribution element has the following attribute:

• move - when this Boolean flag is set, e.g., to 'Y', this content may be
  moved to another authorized domain. However, in the case of a move, all
  copies of the content in the original authorized domain must be removed.
  The list of authorized domains to which the content may be moved can be
  optionally restricted - see below.

[0092] The Redistribution element 103, illustrated in greater detail in Figure 11, includes a
sequence of zero or more Destination elements [...], where each Destination element
allows the content to be copied or moved to the specific destination that is outside of
the current authorized domain. Whether or not it has to be a move rather than a copy
is determined by the 'move' attribute of the Redistribution element.

[0093] A Destination element contains the following attributes:

• realm - identifies another authorized domain to which the content can be
  copied or moved.
• id - a host identifier for a specific device in the specified authorized
  domain to where the content may be copied or moved. If this parameter
  is not included, the content may be copied or moved to any device in the
  specified authorized domain.

[0094] The Redistribution element can also optionally include a GeographicalRestriction
element [...] that might prevent movement or copying of content into authorized
domains listed in Destination elements, if they are located in blacked out geographical
regions.

[0095] The Playback element 104 places restrictions on playback of stored content. It defines
conditions which determine when stored content becomes expired and may no longer
be used. The Playback element is illustrated in greater detail in Figure 12, and has the
following optional attributes:

• startDate - the content cannot be accessed before this time.
• endDate - the content cannot be accessed after this time.



[0096] A Playback element is a sequence of one or more of the following elements:

• PlayBackCount (120) - an integer value that specifies the maximum
  number of times that this content may be played back before it is
  considered to be expired. This element has an optional attribute
  [...]Duration that limits the duration of each individual playback. When
  duration is specified, a playback must be automatically terminated
  after the specified time period. startDate and endDate attributes of the
  Playback element may be used in combination with this element. They
  would limit the period within which the content may be played in
  addition to the limit on the number of play backs.
• Rental (122) - a choice between EndTime 124 and Interval 126 elements.
  EndTime is the expiration time for the content after which it must not be
  usable. Interval is a period of time within which the content is usable and
  has the following attribute:

    • StartOnFirstUse - a Boolean flag. When set, e.g., to 'Y', it
      means that the rental interval doesn't start until the first time that
      the content is accessed, e.g., the first time that a decryption key for
      this content is retrieved from the content license. If this flag value
      is, e.g., 'N', the rental interval starts when a content license is first
      created. Once a rental interval is started, the Rental element must
      be modified with the Interval replaced by EndTime, which is
      calculated as the starting time of the interval + Interval.

      The startDate and endDate attributes of the Playback element 104
      may be used in combination with the Rental element 122 and
      StartOnFirstUse set to, e.g., 'Y'. They would provide an absolute
      time interval within which the content may be played in addition to
      the relative time limit on the period within which content play
      backs may be started.

• PauseTime (128) - max number of minutes of pause time allowed per
  occasion. What "occasion" means could vary between different
  rendering applications.
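
The Playback rules above as a check made when a decryption key is requested, as an added example that is not part of the original document. The class, its field names and the (allowed, reason) return value are assumptions; a denied request changes no state, so it neither starts a StartOnFirstUse interval nor uses up a play.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional


@dataclass
class Playback:
    """State of one stored license's Playback rules (field names are assumptions)."""
    created: datetime                            # when the content license was created
    start_date: Optional[datetime] = None        # Playback startDate
    end_date: Optional[datetime] = None          # Playback endDate
    plays_left: Optional[int] = None             # remaining PlayBackCount
    rental_end: Optional[datetime] = None        # Rental EndTime
    rental_interval: Optional[timedelta] = None  # Rental Interval
    start_on_first_use: bool = False             # Interval StartOnFirstUse

    def __post_init__(self):
        if self.rental_end is not None and self.rental_interval is not None:
            raise ValueError("Rental is a choice between EndTime and Interval")
        # StartOnFirstUse 'N': the interval runs from license creation.
        if self.rental_interval is not None and not self.start_on_first_use:
            self._start_interval(self.created)

    def _start_interval(self, started):
        # Once started, Interval is replaced by EndTime = start + Interval.
        self.rental_end = started + self.rental_interval
        self.rental_interval = None

    def authorize(self, now):
        """Decide one key retrieval at `now`; state is updated only on success."""
        if self.start_date is not None and now < self.start_date:
            return False, "before startDate"
        if self.end_date is not None and now > self.end_date:
            return False, "after endDate"
        if self.rental_end is not None and now > self.rental_end:
            return False, "rental expired"
        if self.plays_left is not None and self.plays_left <= 0:
            return False, "play count exhausted"
        if self.rental_interval is not None:     # first use starts the rental clock
            self._start_interval(now)
        if self.plays_left is not None:
            self.plays_left -= 1
        return True, "ok"


if __name__ == "__main__":
    t0 = datetime(2005, 1, 1, tzinfo=timezone.utc)   # constructed dates
    lic = Playback(created=t0, end_date=t0 + timedelta(days=30), plays_left=2,
                   rental_interval=timedelta(hours=24), start_on_first_use=True)
    for offset in (timedelta(days=5), timedelta(days=5, hours=23), timedelta(days=7)):
        print(offset, lic.authorize(t0 + offset), lic.rental_end)
```
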

[0097] The MulticastLimit element 105 limits the number of devices that the content [...]
simultaneously streamed to from a residential home gateway. [...] does not have to be
an IP multicast. If the same content is being streamed to several clients
simultaneously over multiple point-to-point connections, that would [...]
multicast in this case. A value of, e.g., zero means that the number of such
devices is unrestricted. Each single multicast of the content is counted
as a single playback.

[0098] The Fingerprint element 106 identifies a fingerprint algorithm that is to be inserted
into the content as it is being decompressed and delivered over an external analog or
digital uncompressed interface. Several Fingerprint elements may be included in
order to provide a choice to the rendering device. This element has the following
attribute:

• fingerprintID - an identifier for a fingerprint algorithm. Any of various
  known or future fingerprint algorithms may be used. Additional
  attributes specific to the fingerprint algorithm selected can be provided as
  necessary, as will be apparent to those skilled in the art.

[0099] The DeviceCapabilities element 107 places some requirements on a device that is
allowed to render or store a copy of the content. It has the following attributes:

• SecurityLevelToRender - minimum security level of a device required to
  render this content.
• SecurityLevelToCopy - minimum security level of a device required to
  save a copy of this content. In practice this security level will be greater
  than or equal to SecurityLevelToRender.
• CodecInSecureHW - if this Boolean flag is, e.g., 'Y', a device is
  required to decompress this content within a secure hardware module.
• WatermarkInSecureHW - if this Boolean flag is, e.g., 'Y', a device is
  required to detect a watermark embedded in this content within a secure
  hardware module.
• FingerprintInSecureHW - if this Boolean flag is, e.g., 'Y', a device is
  required to insert a fingerprint into this content within a secure hardware
  module.

[0100] The OptionCost element 96 is a sub-element of a RenewalOption 94 as shown in
Figure [...] and identifies the cost of using this option and this set of content usage rules
to either renew a license or to buy a super distributed copy of the content. The
attributes of OptionCost are:

• currency - currency used to specify the cost. A default value of "USD"
  identifies US dollars.
• format - format used to specify the value of the currency attribute, default
  is ISO4217 (a 3-letter acronym).

[0101] OptionCost element 96, illustrated in greater detail in Figure 13, is a sequence of one
or more of the following:

• RenewalCost (132) - the cost of renewing a license with this option that
  contains this set of content usage rules.
• SuperdistributionCost (134) - the cost of buying a super distributed
  copy of the content using this option with this set of content usage rules.
  When this element and RenewalCost are both present, the same set of
  [...] distributed copy of the content. The price may be different
  [...] license to content already purchased.

[...] ProtectionRules schema, and is illustrated in Figure 14. [...]
protection rules associated with forwarding content over output ports and [...]
which are a subset of the rules in IPRM PersistentEntitlements.

[0103] CopyProtectionRules is a sequence of the following elements:

• AnalogOutput (100) - restricts copies over an analog interface as
  described in connection with Figure 10.
• DigitalCompressedOutput (101) - restricts copies over a digital
  compressed interface as described in connection with Figure 10.
• DigitalUncompressedOutput (102) - restricts copies over a digital
  uncompressed interface as described in connection with Figure 10.
• [...] - limit on the number of simultaneous [...]
  to which content streams may be [...] over IPRM-protected
  connections. A value of, e.g., zero means that content cannot be [...]
• [...] per occasion. What "occasion" means could vary between different
  rendering applications. This element is described above in connection
  [...]
• Fingerprint (106) - identifies a fingerprint algorithm that is to be inserted
  into the content as it is being decompressed and delivered over an
  external analog or digital uncompressed interface. Several Fingerprint
  elements may be included in order to provide a choice to the rendering
  device. This element is described above in connection with Figure 10.



[0104] Figure 15 is a block diagram illustrating an example network environment in which
the invention can be used. A content provider 150 provides digital content via a
communications network 151 such as the Internet. The content may be provided, for
example, as streaming media. Upon receipt of the content, a home gateway 152 can
decrypt the content (if decryption is authorized) and apply the IPRM rules to the
content. If authorized for copying, the content can be copied onto a DVD writer 155,
or the like. As will be appreciated by those skilled in the art, other copying means
may be provided, such as a CD writer, video tape recorder, etc. Licensed content may
also be stored locally, e.g., on a hard disk drive 156. Other types of storage media
currently known or developed in the future may additionally or alternatively be
provided for storing licensed content to be played at a later time.

[0105] Various video, audio and/or multimedia appliances may be coupled to the home
gateway for reproduction and/or storage of licensed content. Such devices, referred to
as device 1 and device n, are illustrated in Figure 15 as devices 153 and 154. These
may be analog or digital devices which are permitted or denied access to particular
content based on the IPRM rules applied by the home gateway 152, e.g., in accordance
with XML documents as described above. Any number of such devices within the
hardware and/or software capabilities of the particular home gateway 152 may be
provided.

[0106] A home network 157 is also coupled to the home gateway 152 to distribute content to
appliances (e.g., PCs, televisions, PVRs, CD/DVD players, etc.) coupled to the home
network. The home network 157 may be any type of available network, including
wired and wireless (e.g., any of the IEEE 802.11 Wi-Fi standards, Bluetooth, etc.).
The home network 157 may also be coupled, via a suitable gateway 158 as well
known in the art, to other authorized networks 159. Such a network 159 may
comprise, for example, another home network to which the subscriber at home
network 157 is authorized to forward licensed content. This can be useful, for
example, where the subscriber at home network 157 has a second (e.g., vacation)
home where it is desired to view content.

[0107] It should now be appreciated that the present invention provides methods for IP rights 
management within an authorized domain. The methods provide flexibility in that 
rules for separate systems do not have to be tied together. Instead, a universal set of 
rules is provided to enable rights management in an authorized network that may 
include many different products, including both analog and digital video, audio, and 
multimedia appliances. Moreover, rules are provided for both streaming content and 
locally stored content. 

[0108] While the present invention has been shown and described with reference to the
preferred mode as illustrated in the drawings, it will be understood by those skilled in
the art that various changes in detail may be effected therein without departing from
the spirit and scope of the invention as defined by the following claims.